<?php
if(!defined('EC_K')) {
	exit('Access Denied');
}
$username=$_POST['username'];
$password=$_POST['password'];
$isname=true;
$logged=true;

if ($_SERVER["REQUEST_METHOD"]=="POST" && isset($username) && isset($password))
{
	include('code/coder.php');
	if (!YL_Security_Secoder::check(@$_POST['code'])) 
	{
		//echo "<script language=\"javascript\">alert(\"验证码错误，请重新输入\\r如果验证码识别有难度，请给管理员发邮件\");history.go(-1);</script>";	
		//echo "<script language='javascript'>warning('Message','验证码错误。')</script>";
		$logged=false;
	}
	elseif(!CheckUser($username))
	$isname=false;
	else
	{
		$sql = "select * from ec_reguser where username='$username'";
		$query = $db->query($sql);
		if ($row = $db->fetch_array($query)) {
			if($row['password'] == md5($password))
			{
				// if ($rememberMe=="on") {
                esetcookie('username',$username, 31536000);
				esetcookie('userid',$row['uid'], 31536000);
				//} 
				//else {
                //dsetcookie('authcookie', authcode("$pass\t$login_mail\t$row[user_id]",'ENCODE'));
				//}
				header("location:$root/home.php");
			}
			else
			{	echo "failed";
				exit();
			}

		}
	}
}
include($template->getfile('ec_login.htm'));
?>